Identifying data of a person using of a personal emergency device

ABSTRACT

In this disclosure, a person may be identified by: (i) receiving a first message comprising an ID of a first device and a hardware ID of a personal emergency device; (ii) linking the personal emergency device with personal data of the person, the personal data being associated with the ID of the first device; and (ii) receiving a second message from a mobile device comprising the hardware ID of the personal emergency device. In response to receiving the second message, and/or receiving a subsequent message received via the mobile device and comprising the hardware ID of the personal emergency device, a message is transmitted to a monitoring station based on the prior association of the personal data with the hardware ID of the personal emergency device. The message includes the personal data or an identifier for identifying said personal data.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims priority to Luxembourg Application No.LU100820 filed with the Intellectual Property Office of Luxembourg onJun. 4, 2018 which is incorporated herein by reference in its entiretyfor all purposes.

TECHNICAL FIELD

The present invention relates to a method, computer product and a systemfor identifying to a monitoring station personal data of a person inresponse to a use of a personal emergency alert device. The data islinked, in a server, to a first device, and person may be associatedwith the first device, the personal emergency device, and a mobiledevice. In some embodiments, the invention may be used to monitor thesafety/health of the person.

BACKGROUND

Personal emergency devices may be carried and/or worn by a person fortheir safety. Threats to their safety may be from another person or froma state of their health and/or physical condition. Such devices may beused by the elderly, for example. Such a device may monitor a person'ssafety by including a panic detector or button and/or fall detector, andtransmitting an alert message, which is directly or indirectly receivedby a monitoring station.

For the monitoring station to act on any received alerts, they need toknow details about the person, such as any one or more (includingpotentially all) of: as who they are, where they live, where they arecurrently located, how old they are, their medical history and/or arelative of the person, and suchlike.

However, there may be problems and/or challenges in determining suchinformation. For example, a personal emergency device may transmit analert to a phone which then automatically calls a monitoring station. Anattendant at the monitoring station then needs to ask the person theirpersonal details, but the person may not be able to tell the attendantthis information, for example due to incapacitation. One solution is toregister this information beforehand. For example, the details may betyped by the person into an app on the person's smartphone, whichinterfaces between the personal emergency device and the monitoringstation. However, this can be difficult for some people, especiallyelderly people, who may not be technologically literate or able.

Reference to any prior art in this specification is not anacknowledgement or suggestion that this prior art forms part of thecommon general knowledge in any jurisdiction, or globally, or that thisprior art could reasonably be expected to be understood, regarded asrelevant/or combined with other pieces of prior art by a person skilledin the art.

SUMMARY OF THE INVENTION

In a first aspect the invention provides a method of identifying to amonitoring station personal data of a person in response to a use of apersonal emergency alert device, wherein the personal data is linked, ina server, to a first device, the method comprising:

-   -   a. receiving, at the server, a first message comprising an ID of        the first device and a hardware ID of the personal emergency        device;    -   b. linking, at the server, the personal emergency device with        the personal data, by:        -   i. identifying the personal data corresponding to the            received ID of the first device,        -   ii. associating the personal data with the hardware ID of            the personal emergency device;    -   c. receiving, at the server, a second message from the mobile        device comprising the hardware ID of the personal emergency        device; and    -   d. in response to at least one of (i) receipt of the second        message, and (ii) receipt of a subsequent message received at        the server via the mobile device and comprising the hardware ID        of the personal emergency device, transmitting, by the server, a        message to the monitoring station, wherein based on the prior        association of the personal data with the hardware ID of the        personal emergency device the server includes in the message (i)        the personal data or (ii) an identifier for identifying said        personal data.

In a second aspect the invention provides a method of identifying andenabling the accessing of personal data of a person that is linked to afirst device wherein the personal data is to be identified and accessedfor use of a plurality of additional devices including a personalemergency device and a mobile device, the method comprising:

-   -   a. receiving, at a server, a first message comprising an ID of        the first device and a hardware ID of the personal emergency        device;    -   b. linking, at the server, the personal emergency device with        the personal data, by:        -   i. identifying the personal data corresponding to the            received ID of the first device,        -   ii. associating the personal data with the hardware ID of            the personal emergency device;    -   c. receiving, at the server, a second message from the mobile        device comprising the hardware ID of the personal emergency        device, wherein at least one of (i) receipt of the second        message, and (ii) receipt of a subsequent message received via        the mobile device and comprising the hardware ID of the personal        emergency device, is used to access the personal data based on        the prior association of the personal data with the hardware ID        of the personal emergency device.

For each of the above aspects of the invention, the second message mayfurther comprise an ID of the mobile device, and step (b)(ii) mayfurther comprise associating the personal data with the ID of the mobiledevice, wherein a subsequent message received from the mobile devicemust comprise the hardware ID of the personal emergency device and theID of the mobile device for the server transmit said message to themonitoring station in response to receiving the subsequent message.

The second message may further comprise an ID of the mobile device, andthe method may further comprise associating the personal data with theID of the mobile device. In some embodiments, the subsequent messagefurther comprises the ID of the mobile device. In some embodiments, saidmessage transmitted to the monitoring station is based on the subsequentmessage received from the mobile device comprising both the hardware IDof the personal emergency device and the ID of the mobile device.

In some embodiments, the ID comprises application ID of a monitoringapplication installed on the mobile device, a hardware ID of the mobiledevice, and/or a mobile number of the mobile device, but in any case,the message transmitted to the monitoring station may comprise a mobilenumber of the mobile device.

In some embodiments, wherein first and second messages are receivedwithin a time window of a predetermined duration to enable step (b). Insome embodiments, the server forwards the details of the linked devicesto one or more remote devices.

In some embodiments, the first device is a control panel, the personalemergency device is a battery operated wearable device which preferablyincludes a fall detector and a panic detector. In some embodiments, thepersonal emergency device wirelessly communicates with the first devicein a pairing process that triggers said first message from the firstdevice. By such pairing the personal emergency alert device and thefirst device exchange their respective IDs, so both devices become knownto each other.

In some embodiments, the personal emergency device communicates with themobile device via a Bluetooth communication, said communicationtriggering transmission of said second message to server from the mobiledevice. The communication with the mobile device is in come embodimentsa Bluetooth communication, more specifically a Low Energy Bluetooth(BLE) advertisement, which is a one way communication, broadcasted fromthe personal emergency alert device.

In some embodiments, the personal emergency device is configured to, inresponse to detecting a fall or panic event, transmit a Bluetoothsignal, e.g. a BLE advertisement, which includes the hardware ID of thepersonal emergency device for receipt by mobile device for the mobiledevice to transmit said subsequent message to the server.

In some embodiments, said personal data is stored as a record at themonitored station, wherein the monitoring station uses said identifierfor identifying said personal to access said personal data by retrievingsaid personal data from the record at the monitoring station.

In some embodiments the server accesses the personal data from a memoryassociated with the sever.

In some embodiment, the message transmitted to the monitoring stationfurther comprises data related to an event detected by the personalemergency device. The data related to the event may be derived from thesubsequent message.

In some embodiments of the invention, the first message is received fromthe first device.

According to a third aspect of the invention there is provided a systemfor identifying personal data of a person in response to a use of apersonal emergency alert device, wherein the personal data is linked, ina server, to a first device, the first device being a server and thesystem including the server, the server being programmed to:

-   -   a. receive a first message comprising an ID of the first device        and a hardware ID of the personal emergency device,    -   b. link the personal emergency device with the personal data,        said linking including:        -   i. identifying the personal data corresponding to the            received ID of the first device,        -   ii. associating the personal data with the hardware ID of            the personal emergency device;    -   c. receive a second message from the mobile device comprising        the hardware ID of the personal emergency device; and    -   d. in response to at least one of (i) receipt of the second        message, and (ii) receipt of a subsequent message received via        the mobile device and comprising the hardware ID of the personal        emergency device, transmitting a message to the monitoring        station wherein based on the prior association of the personal        data with the hardware ID of the personal emergency device the        server includes in the message (i) the personal data or (ii) an        identifier for identifying said personal data.

According to a fourth aspect of the invention there is provided a systemfor identifying and enabling the accessing of personal data of a personthat is linked to a first device wherein the personal data is to beidentified and accessed for use of plurality of additional devicesincluding a personal emergency device and a mobile device, the systemincluding a server, the server being programmed to:

-   -   a. receive a first message comprising an ID of the first device        and a hardware ID of the personal emergency device,    -   b. link the personal emergency device with the personal data,        said linking including:        -   i. identifying the personal data corresponding to the            received ID of the first device,        -   ii. associating the personal data with the hardware ID of            the personal emergency device;    -   c. receive a second message from the mobile device comprising        the hardware ID of the personal emergency device, wherein at        least one of (i) receipt of the second message, and (ii) receipt        of a subsequent message received via the mobile device and        comprising the hardware ID of the personal emergency device, is        used to access the personal data based on the prior association        of the personal data with the hardware ID of the personal        emergency device.

In the third and/or fourth aspects of the invention, the server may be aserver that is configured to execute the first or second aspect of thepresent invention.

In some embodiment the system consists of the server, which in otherembodiments, the system includes other one or more devices, which mayinclude any one or more of: the personal emergency alert device, themonitoring station and the mobile device.

The invention extends in one aspect to a computer product comprising oneor more computer readable mediums storing a plurality of instructionsfor controlling a electronic system to perform an operation of any ofthe described methods.

According to another aspect of the invention there is provided acomputer program product comprising one or more computer readablemediums storing a plurality of instructions which when executed by aserver perform any of the described methods.

Other embodiments of the invention will be appreciated from the figuresand description which follows.

One or more embodiments of the present invention use a message from afirst device to an application server to associate the personalemergency device with the first device, wherein the details of theperson have already been registered in a database and are electronicallyretrievable by the application server. The message is known to be fromthe first device because of an already registered identifier associatedwith the first device. Based on the association between the first deviceand the personal emergency device (by virtue of the message) the servermay link to the registered personal details a unique identifier (e.g. aserial number) of the personal emergency device that is received in themessage.

Based on the now registered identifier of the personal emergency device,the person using the personal emergency device, and the personal detailsof the person, are then identifiable from alert messages sent from anunknown mobile communications device, where such messages a transmittedin response to an alert received, by the mobile communications device,from the personal emergency device. Further, an identifier associatedwith that mobile communications device may also automatically beregistered by its association with the identifier of the personalemergency device, the association being by virtue of both identifiersbeing received in a message from the mobile communications device.

Subsequent alert messages from the mobile communications device andincluding the registered identifiers of the mobile communications deviceand the personal emergency device enable, inform the server that thealert came from that specific personal emergency device from that mobilecommunications device. In some embodiments, the server may then initiatean action, such as informing a monitoring station of the alert, in sucha manner that the monitoring station may know the details of the personand may also know the current mobile communications device in theperson's possession. In embodiments in which the mobile phone number isassociated with the registered mobile identifier, the personal detailsof the person may automatically be accessed by a monitoring station ifthe monitoring station receives an incoming call from that phone number.

Advantageously, a person does therefore not need to actively supplytheir personal details for the personal emergency device, nor do theyneed to actively supply their personal details for the mobile phone(except in some embodiments where they may enter their phone number, aswill be described). The personal details only needed to be provided toregister the first device.

In some embodiments, the unique identifier of the personal emergencydevice is communicated to the server upon an RF pairing between thepersonal emergency device and mobile communications device. In lieu ofBLE other short-range, preferably low power, communication protocols maybe employed for communications between the personal emergency device andthe first device. In some embodiments communications between thepersonal emergency device and the first device is via a protocol thatoperates in a sub-gigahertz frequency range. Further, advantageously asingle action at the personal emergency device may be used to triggerthe personal emergency device to undertake both the communication withthe first device and the communication with the mobile device to providethe ID of the personal emergency device to both the first device and themobile device for system configuration, thus making for a simple setupprocess.

The first device is in some embodiments a device of a home monitoringsystem, e.g. it may be a control panel which communicates with aplurality of peripheral monitoring devices, such as voice-activatedpanic detectors and/or motion sensors.

As used herein, except where the context requires otherwise, the terms“comprises”, “includes”, “has”, and grammatical variants of these terms,are not intended to be exhaustive. They are intended to allow for thepossibility of further additives, components, integers or steps.

Various embodiments of the invention are set out in the claims at theend of this specification. Further aspects of the present invention andfurther embodiments of the aspects described in the preceding paragraphswill become apparent from the following figures and description, givenby way of non-limiting example only. As will be appreciated, otherembodiments are also possible and are within the scope of the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a schematic block diagram of an embodiment of a system foridentifying to a monitoring station personal data of a person who isassociated with multiple devices including a first device linked to thepersonal data of the person and a plurality of additional devices;

FIG. 2 shows a flowchart of one or more embodiments of a method of theinvention including a configuration and registration phase, and

FIG. 3 shows a flowchart of one or more embodiments of an implementationor use phase.

DETAILED DESCRIPTION OF THE EMBODIMENTS

An exemplary embodiment of a system 100 in accordance with an aspect ofthe present invention is illustrated in FIG. 1. In this example thesystem is a monitoring system that includes home monitoring devices. Thesystem 100 has a hub device 102 in the form of a control panel thatprovides central control of, and data collection from, a plurality ofperipheral devices 104(a-e) by RF communication using alocal-communication antenna 106 on the control panel 102.

The peripheral devices may include passive infrared detectors (PIRs)104(c,d) for detecting the presence of a person in a correspondingmonitored space with the environment, such as in a specific room. Otherperipheral devices, such as other peripheral device 104 e, may be orinclude, for example, motion sensors, sensors for detecting changes in astate of a door or window, temperature sensors or any other sensor formeasuring an environmental condition or an indication relating to aperson 103 that may be in the environment. The other peripheral devicesmay alternatively be any other smart device for assisting living,including a smart TV, one or more lights, an air conditioning or heatingsystem a hi-fi sound-system, and the like.

The person 103 may be someone for whom monitoring is desirable ornecessary. For example, the person 103 may be an elderly or infirmperson, and the environment in which they are monitored may be a homeresidence, in which there may rarely, or at least not always, be anotherperson present to see that the person 103 is safe and well.

The system 100 provides an ability for the person 103 to send an alertto a remote station 110(a,b) indicating a threat to their safety, whichmay be an environmental threat or a threat to their health or mobility.For example each of the control panel 102 and the peripheral devices104(a,b) may include one or more distress actuators (e.g. a panic buttonand a panic pull chord) and may include a microphone for detecting aspoken call for help or a threat-indicative sound. Such devices 104(a,b)may be referred to as voice panic detectors (VPDs)

The peripheral devices 104(a,e) communicate messages to and from thecontrol panel 102, by radio frequency (RF) communication (in someembodiments is in a sub-gigahertz frequency range), and thus the controlpanel 102 has one or more RF antennas 106 for the suchlocal-communication. One or more of the RF antennas 106, or one or moreother antennas, of the control device may optionally be enabled for LowEnergy Bluetooth (BLE) communication. BLE signals and/or other RFsignals may be received from a portable, body-worn personal emergencydevice 111 which includes distress detection and fall detection (e.g.based on an accelerometer) when worn on the person 103. In someembodiments such other RF signals are in a sub-gigahertz frequencyrange. Distress detection is achieved by means of distress/panic button.Optionally, the portable personal emergency device may additionally oralternatively detect other personal emergencies based on medical/healthparameters, e.g. heart rate, for example. In some embodiments, in whichthe personal emergency device 111 detects is equipment with at leastfall and distress detection, the personal emergency device 111 mayadvantageously be a pendant. In other embodiments personal emergencydevice 111 may take the form of any other portable device which may beworn on a person in a manner that is easily accessible, including on thewrist.

To use the personal emergency device 111 in the monitored space, theemergency device 111 is, for first use, paired with the hub device 102using RF communications. During the pairing process a unique hardwareidentifier, such as a serial number, of the emergency device 111 iscommunicated to the hub device 102. This hardware identifier is relayed,by the hub 102, to the server 101. The server 101 more particularly,receives a message (e.g a packet or a plurality of associated packets)that includes both an identifier of the hub device 102 (e.g. a hardwareidentifier, such as a serial number) and a hardware identifier (e.g. aserial number) of the personal emergency device 111.

Upon receiving the communication, the server associates the hardwareidentifier of the device 111 with a database entry including the detailsof the person 103, the personal details corresponding to the receivedidentifier of the hub device 102. The details include, in this exemplaryembodiment, who they are, where they live, where they are currentlylocated, how old they are, their medical history and/or a relative ofthe person, and suchlike.

Thereafter, during use of the personal emergency device 111 with the hub102, in an event that a safety-threat condition is detected/sensed bythe personal emergency device 111, the personal emergency device 111transmits an RF signal which includes its hardware identifier and thisRF signal is received by the hub device 102. Upon receiving the RFsignal, an alert signal including the hardware identifier istransmitted, from the hub device 102 to the server 101, which acts asneeded, e.g. by transmitting a corresponding alert signal to one or bothof the monitoring devices/stations 110(a,b). In some embodiments thecorresponding alert signal includes the person's personal details (e.g.as listed above), retrieved from the database entry for the device 111,based on the received hardware identifier of the device 111. Thepersonal details may include a mobile phone number on which to contactthe person 103, which may be automatically entered into a dialer. Inother embodiments, as will be described below, an account record withsuch personal details is transmitted from the server 101 to monitoringstation 110(a) when the hardware ID of emergency device 111 is firstreceived, and when an alert including the hardware ID of emergencydevice 111 is later received by server 101, the server transmits areference to that record in the corresponding alert to the remotestation 110 a, which is a computing device. A person attends to themonitoring station 110 a to respond as needed to incoming notificationsand/or calls.

The control panel has a second antenna 108 that may be used for thecommunication with one or more remote stations 110(a,b) and/or adistinct server 101, the communication via the second antenna being anRF communication via a telecommunications tower 112 andtelecommunications network 114.

The acting server 101 has a component that acts as an application serverand a component that acts as a storage server. As will be appreciatedthese server functions may be provided by single computing device or adistributed system. The server includes one or more non-transientcomputer readable mediums for storing the database and for storinginstructions for configuring operation of the server by executing of theinstructions by one or more processors.

The storage server stores personal details about the person 103 beingmonitoring by the home monitoring devices 104. The application servercomponent interfaces with the hub device 102 to control the homemonitoring, and the application server may be accessed from either orboth of the remote stations/devices 110(a,b) to enable control therefromor to provide access to information, such as the person's details,relevant to the monitoring system. In some embodiments the monitoringstation 110 a is at the server 101, while in other embodiments it isremote from the server. In any case the monitoring station 110 a isremote from the hub device 102.

The remote device/station may be a monitoring station 110(a) at whichone or more people administer surveillance and responses to thesurveillance, when necessary. For example, the monitoring station may beforwarded the indication of safety threat by the control panel 102, andin response a person may dispatch security personnel or an ambulance,depending on the personal details retrieved from the server 101. Themonitoring station 110 a may operate queuing software to handle messagesreceived from the server 101, and from the queued messages output datato one or more interfaces at which people are stationed.

Another remote device/station may be provided in the form of a personalgeneral computing device 110 b, such as a laptop, notebook, desktop,tablet, smartphone or the like. The personal computing device mayalternatively be a customized computing device intended specifically forthe administration of the system 100. In any case the personal computingdevice may be operated by a person such as a family member or carer ofthe person 103.

The person 103 also carries, at least when leaving their home, aportable wireless telecommunications network enabled device 120 (e.g.using 3G, 4G/LTE or any other telecommunications protocol), e.g. asmartphone. The portable telecommunications device 120 is BLE enabledand has installed thereon on an app that configures the portabletelecommunications device 120 to, upon detecting a BLE advertisementfrom a personal emergency device such as device 111, transmit an alertsignal to the server 101.

At installation of the app, a person enters the phone number of theportable telecommunications device 120 into the app on the portabletelecommunications device 120. In other embodiments, the portabletelecommunications device 120 automatically reads the phone number froma SIM card in the portable telecommunications device.

Configuration of the app also involves a Bluetooth (more specificallyBLE) communication to the telecommunications device 120 from thepersonal emergency device 111. The communication configures the app toact on broadcasted BLE advertisements from the device 111 as describedherein.

FIG. 2 shows a flowchart of one or more embodiments of an exemplarymethod 200 showing configuration and registration of the system 100 forusing the personal emergency device 111.

Personal details of the person 103 are recorded in a database accessibleby an application layer of server 101. The personal details are storedin an electronic record that includes a first device in the form of ahub device/control panel 102 of the monitoring system 100. The person103 has a mobile device, in this example a smartphone 120, which has theapp installed, and the phone number of the mobile device 120 known bythe app (e.g. by manual entering of the phone number upon installationof the app). The person 103 also has a portable, personal emergencydevice 111 in the form of a wearable device, e.g. a pendant, and has afall detector and/or a panic button. Neither the personal emergencydevice nor the mobile device are at this stage known to the server 101.

At step 201, the person 103 puts the first device 102 into a pairingmode. At step 202, the person 103 then presses the panic button on thepersonal emergency device 111 which causes the personal emergency device111 to firstly communicate with the first device 102, at step 204, andthen immediately afterwards commence communicate with the mobilecommunications device 120, at step 212 for configuration purposes.

In each of these communication processes the personal emergency device111 transmits a hardware identifier, which in this example is a serialnumber, to the respective receiving device.

Upon receiving the hardware identifier of the personal emergency device111, the first device 102, transmits, at step 206, a first message tothe server 101. The first message includes the hardware identifier ofthe personal emergency device 111 and an identifier of the first device102, in this example its serial number.

At step 208, the server 101 receives the first message at time t1. Atstep 210, the server 101 links the hardware ID of the personal emergencydevice 111 with the personal data in the database. This is achieved byidentifying the personal data corresponding to the received ID of thefirst device 102, and associating the personal data with the hardware IDof the personal emergency device 111. For example, the server mayidentify the personal data by referencing the received ID of the firstdevice 102 in a write action to the database. The server may associatethe personal data with the hardware ID of the personal emergency device111 by writing the hardware ID of the personal emergency device 111 tothe database in the write action, so that the hardware ID of thepersonal emergency device 111 is linked/associated in the database withthe personal data. As will be appreciated, the link may be a direct linkto the personal data or may be a link to hardware ID of the personalemergency device, which is in turn linked to the personal data.

At step 214, once the mobile device 120 receives the hardware ID of thepersonal emergency device, it transmits a second message to the server101. The server may be known to the app of the mobile device 120 by, forexample, a hard-coded IP address in the app, which is a fixed IP addressof the server. The app has an ID that is specific to the mobile deviceon which it is installed. The second message identifies the personalemergency device 111 and the mobile device 120 by including in themessage the hardware ID of the personal emergency device 111 and theapplication ID of the mobile device 120, respectively.

At step 216, the second message is received at the server 101 at timet2. Time t2 may be before or after t1, even the message from the firstdevice 102 is transmitted prior to transmission of the message from themobile device 120. Further, other embodiments are possible in which themessages may be transmitted in the opposite order. For either reason,the term “first message” and “second message”” as used herein is notintended to imply that the “first message” necessarily precedes the“second message” at the time or transmission and nor at the time ofreception.

At step 218 the server determines server identifies that the first andsecond messages are intended to be associated with each other becauseeach includes the same personal emergency device hardware ID. The servercalculates the difference between t1 and t2 and compares this with apredefined threshold, which is configurable but may be, for example 2minutes, to allow for potential delays.

If the difference is less than the threshold, then at step 222, theserver 101 infers that the second message came from a device that wasphysically at the location of the hub first device 102, as it would beextremely unlikely that a person not having access to the first device102 (to execute step 202) would have transmitted the hardware ID of thepersonal emergency device 111 during the available time window. It isthereby inferred by the server 101 that the mobile device 120 is anauthorized device, and accordingly, at step 222, the application ID ofthe mobile device 120 is linked, in the database, to the personal data.Further, at step 222, upon determining that the mobile device isauthorized, the server transmits a token to mobile device 120 to enablethe mobile device 120 to later transmit an emergency event to theserver, when received from the personal emergency device 111 (see step304 below). This completes the configuration of the mobile device 120and personal emergency device 111 at step 222.

In an event that prior to commencement of method 200, the personalemergency device has already been paired with the first device 102,there is no need to re-pair at step 204. However, if such a pairing hasalready occurred, step 204 nonetheless occurs in order to use a timewindow as described above. For such a case, step 210 is redundant sincethe linking of the personal emergency device 111 and the personal datais already in place.

The second message may advantageously also include the phone number ofthe mobile device 120. In some embodiments the phone number is alsolinked to the personal data at step 224. It is noted that in otherembodiments the phone number may be used in place of the application ID.However, since the SIM card to which the phone number is tied may bepotentially by changed, it is advantageous to provide both the phonenumber and the application ID to the server.

Then at step 226, the server 101 transmits an account record of theperson 103, including the personal details and in some embodiments thephone number, to the monitoring station. However, in some otherembodiments, the monitoring station already has an account record withthe personal details of the person 103 (e.g. because of a previoustransmission from the server 101). For such embodiments, the server 101instead transmits, at step 226, a reference to identify thecorresponding account of the person 103, and in some embodiments thephone number.

As shown at step 220, if it is determined at step 218 that thedifference is greater than the threshold the server does not link theapplication ID of the mobile device 120 with the personal data.Advantageously, this may protect against a cyberattack attempting toregister incorrect mobile device details.

FIG. 3 shows a flowchart of an exemplary method 300 in which thepersonal emergency device 111 is in use to monitor the person's safety,once it has been registered in the database, for example using themethod 200. In this exemplary method the person 103 is away from theirresidence and, as a result, the first device 102 is unavailable toreceive alerts from the personal emergency device 111.

At step 302, the personal emergency device 111 detects an emergencyincident such as a fall detection or the pressing of the panic button.In response the personal emergency device 111 transmits a BLEadvertisement which includes the hardware ID of the personal emergencydevice 111 and data about the detected event (e.g. whether it was adetected fall or panic button press).

At step 304, the mobile device 120 detects the advertisement andconfirms, based on the hardware ID received in the advertisement, thatit is from the previously received personal emergency device for whichit was previously configured and, in the event that this is confirmed,transmits a subsequent message (e.g a third or fourth message, forexample) to the server 101. The subsequent message includes anidentifier of the mobile device 120 (e.g. the application ID of themobile device 120) and the hardware ID of the personal emergency device111, and the details of the data about the detected event, for examplean event type, which may indicate a selected one or more of: a fallevent and a panic event. The message may optionally also include thephone number recorded by the app.

The transmission of the subsequent message, in some embodiments,requires a valid token. A valid token was issued at step 222. However,if the server 101 in the meantime receives a valid configuration requestaccording to step 216 of method 200 but for a different mobile device,or from the same mobile device 120 but for a different personalemergency device, then the token based on the application ID of themobile device 120 and the hardware ID of the personal emergency device111 will be revoked (e.g. by cancelling the ability of the server 101 toaccept the previously issued token from step 222). Alternatively, thetoken may be temporarily revoked, for other reasons e.g. a temporarycyber-security concern. The mobile device 120 will receive anotification that its token has been revoked. At which stage the mobiledevice 120 can request a new token based on the mobile 120 and device111 IDs and a new token will be issued if the token was only temporarilyvalid. Otherwise the mobile device can request a new token by repeatingmethod 200.

In any case, when there is a valid token, the subsequent message (themessage from the mobile device 120 in response an alert from thepersonal emergency device 111) is received by the server 101 at step306.

As a result, in step 308, the server 101 transmits, to the monitoringstation 110 a, a message including: the data relating to a detectedsafety event (an event detected by the personal emergency device 111);and the account record of the person corresponding to the ID of thepersonal emergency device, or an identifier for identifying the accountrecord (if a current account record had previously been sent, forexample by step 226). In some embodiments, more specifically both therecord and the identifier for identifying the record are transmitted. Inother embodiments, the identifier or the record, is transmitted. Atleast the identifier is transmitted in some embodiments in which existsat the monitoring station prior to the transmission of that message. Inembodiments in which a phone number was included in the subsequentmessage received by the server 101 at step 304, then the messagetransmitted at step 308 may optionally also include that phone number.Otherwise, the phone number may still be known, from an earlier time,e.g. because of step 226.

At 304 the mobile device 120 may also automatically make a call to themonitoring station 110 a, the phone number of monitoring station beinghard-coded into the app. The call is received by at the monitoringstation at step 310. At step 312, using caller ID the monitoring stationdetermines the phone number of the incoming call. The determined phonenumber is then used by the station 110 a to retrieve from memory therelevant account record based on being received at step 226 and/or step308. The attendant at the monitoring station may act on the call withknowledge of the persons details, without having to ask the person, whomay not in any case, be able to respond.

In embodiments where caller ID is not enabled, attendant may nonethelessknow who the person might be based on the information received from theserver at step 308. In any case, if the call drops out after identifyingthe person 103, the attendant may use the information received at step308 and/or 206 to call back the person 103. Further if no call isreceived, the attendant can initiate a call to the person 103 based onthe information received from the server at step 308.

As will be appreciated the server 101 uses the hardware ID of thepersonal emergency device to access the personal details of the person103 by executing step 226 or step 308 or both. Thus, the personaldetails are accessed by receipt of the second message or a subsequentmessage including the hardware ID of the personal emergency device.

As will be appreciated, the phrase “hardware ID” of a device is intendedto refer to an ID transmittable from the device to identify the device.It may be defined however by software which writes the ID to a memory onthe device, or it may be hardcoded into the device. As will be thereforebe appreciated, the exemplified IDs of mobile device 120 and the firstdevice 102 are therefore also “hardware IDs”, even though in the case ofa software implemented ID the ID may be changed by an active/deliberateinteraction, such as deleting and reinstalling the app.

Where a given item is referenced herein with the preposition “a” or“an”, it is not intended to exclude the possibility of additionalinstances of such an item, unless context requires otherwise.

Where the specification defines a range, the stated outer extremities ofthe range are part of the range, unless context requires exclusion ofthe outer extremities from the range. From example, a range defined interms of being between X and Y or from X to Y, should be interpreted asincluding X and Y.

The invention disclosed and defined herein extends to all plausiblecombinations of two or more of the individual features mentioned orevident from the text or drawings. All of these different combinationsconstitute various alternative aspects of the invention.

What is claimed is:
 1. A method of identifying to a monitoring stationpersonal data of a person in response to a use of a personal emergencyalert device, wherein the personal data is linked, in a server, to afirst device, the method comprising: a. receiving, at the server, afirst message comprising an ID of the first device and a hardware ID ofthe personal emergency device; b. linking, at the server, the personalemergency device with the personal data, by: i. identifying the personaldata corresponding to the received ID of the first device, ii.associating the personal data with the hardware ID of the personalemergency device; c. receiving, at the server, a second message from themobile device comprising the hardware ID of the personal emergencydevice; and d. in response to at least one of (i) receipt of the secondmessage, and (ii) receipt of a subsequent message received at the servervia the mobile device and comprising the hardware ID of the personalemergency device, transmitting, by the server, a message to themonitoring station, wherein based on the prior association of thepersonal data with the hardware ID of the personal emergency device theserver includes in the message (i) the personal data or (ii) anidentifier for identifying said personal data.
 2. The method of claim 1wherein the second message further comprises an ID of the mobile device,and step (b)(ii) further comprises associating the personal data withthe ID of the mobile device.
 3. The method of claim 2, wherein thesubsequent message received from the mobile device must comprise thehardware ID of the personal emergency device and the ID of the mobiledevice for the server to transmit said message to the monitoring stationin response to receiving the subsequent message.
 4. The method of claim2 wherein the mobile ID is an application ID of a monitoring applicationinstalled on the mobile device, a hardware ID of the mobile device, or amobile number of the mobile device.
 5. The method of claim 1 whereinfirst and second messages are received within a time window of apredetermined duration to enable step (b).
 6. The method of claim 1wherein the first device is a control panel.
 7. The method of claim 1wherein the first message is received from the first device.
 8. Themethod of claim 1 wherein the personal emergency device is a batteryoperated wearable device, and the personal emergency device wirelesslycommunicates with the first device in a pairing process that triggerssaid first message from the first device.
 9. The method of claim 1wherein the personal emergency device communicates with the mobiledevice via a Bluetooth communication to trigger transmission of saidsecond message to the server from the mobile device.
 10. The method ofclaim 1 wherein the personal emergency device is configured to, inresponse to detecting a fall or panic event, transmit a Bluetooth signalwhich includes the hardware ID of the personal emergency device forreceipt by mobile device for the mobile device to transmit saidsubsequent message to the server.
 11. A system for identifying personaldata of a person in response to a use of a personal emergency alertdevice, wherein the personal data is linked, in a server, to a firstdevice, the first device being a server and the system including theserver, the server being programmed to: a. receive a first messagecomprising an ID of the first device and a hardware ID of the personalemergency device, b. link the personal emergency device with thepersonal data, said linking including: i. identifying the personal datacorresponding to the received ID of the first device, ii. associatingthe personal data with the hardware ID of the personal emergency device;c. receive a second message from the mobile device comprising thehardware ID of the personal emergency device; and d. in response to atleast one of (i) receipt of the second message, and (ii) receipt of asubsequent message received via the mobile device and comprising thehardware ID of the personal emergency device, transmitting a message tothe monitoring station wherein based on the prior association of thepersonal data with the hardware ID of the personal emergency device theserver includes in the message (i) the personal data or (ii) anidentifier for identifying said personal data.
 12. The system of claim11 wherein the second message further comprises an ID of the mobiledevice, and step (b)(ii) further comprises associating the personal datawith the ID of the mobile device.
 13. The system of claim 12, wherein asubsequent message received from the mobile device must comprise thehardware ID of the personal emergency device and the ID of the mobiledevice for the server to access the personal data in response to thesubsequent message.
 14. The system of claim 12 wherein the mobile ID isan application ID of a monitoring application installed on the mobiledevice, a hardware ID of the mobile device, or a mobile number of themobile device.
 15. The system of claim 11 wherein first and secondmessages are received within a time window of a predetermined durationto enable step (b).
 16. The system of claim 11 which includes the firstdevice, the first device including a control panel which is part of ahome monitoring system.
 17. The system of claim 11 wherein the firstmessage is received from the first device.
 18. The system of claim 11wherein the system includes the personal emergency alert device
 19. Thesystem of claim 11 wherein the system includes a computer readablemedium storing a plurality of instructions which when executed by asmartphone configure the smartphone to act as said mobile device.
 20. Acomputer product comprising one or more non-transient computer readablemediums storing a plurality of instructions which when executed by aserver cause the server to: a. receive a first message comprising an IDof the first device and a hardware ID of the personal emergency device,b. link the personal emergency device with the personal data, saidlinking including: i. identifying the personal data corresponding to thereceived ID of the first device, ii. associating the personal data withthe hardware ID of the personal emergency device; c. receive a secondmessage from the mobile device comprising the hardware ID of thepersonal emergency device; and d. in response to at least one of (i)receipt of the second message, and (ii) receipt of a subsequent messagereceived via the mobile device and comprising the hardware ID of thepersonal emergency device, transmitting a message to the monitoringstation wherein based on the prior association of the personal data withthe hardware ID of the personal emergency device the server includes inthe message (i) the personal data or (ii) an identifier for identifyingsaid personal data.